You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Hendryx-Parker, Calvin" <Ca...@Epylon.com> on 2002/08/24 03:15:22 UTC
CLIENT-CERT and JDBCRealm
I am working on setting up a protected service using tomcat 4.0.2 and
wanted to use CLIENT-CERT as the auth-method and I have a JDBCRealm that
works with the BASIC auth-method. Everything is happy when I set
clientAuth=true until I put a constraint on the resource and require a
particuliar role.
It looks like the tomcat server gets the cert chain just fine since I see
it in the catalina_log as it prints the DN for each cert that it tries. I
have the DN for my cert in the users table and a coresponding entry in the
roles table, but it never seems to match the user from what I see. Is
there a special way that the username or roles must be stored for it to
match?
Thanks,
Calvin
--
calvin hendyrx-parker www.epylon.com
enterprise infomediary, engineering
415.593.2738 o | 415.593.2738 f
Epylon Corporation
645 Harrison Street, Suite 200
San Francisco, CA 94107
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Sessions problem with TC4 on Win XP Home when browsing from "localhost"
Posted by Jeff Corliss <je...@yahoo.com>.
Hmmm ... not sure that I really specified the host
name per se. Also, one thing I forgot to mention...
the app works fine for "localhost" access running on a
Win2k machine. Could this be some XP specific
problem?
--- Vincent.Gaboriau@answare.fr wrote:
> The session are managed using the cookies.
> The cookie uses the Domain Name to see the rights to
> read or write them.
> If in Tomcat you have specified an host with full
> name
> (theServerName.theDomainName), it could be the
> reason. The cookie is created
> with the Domain Name "theDomainName" and the pages
> are accessed by a URL
> without Domain Name.
>
> Hopes it helps you.
>
> -----Message d'origine-----
> De : Jeff Corliss [mailto:jeffcorliss@yahoo.com]
> Envoye : lundi 9 septembre 2002 22:54
> A : Tomcat Users List
> Objet : Sessions problem with TC4 on Win XP Home
> when browsing from
> "localhost"
>
>
> Hi all,
>
> As if the subject line wasn't long enough... here's
> an
> interesting problem I'm hoping someone can help me
> with. Basically, I have a Struts-based app which
> I'm
> deploying on TC4 on a Win XP Home machine while
> developing. When I access the app via a browser on
> another machine on the network, all is fine. When I
> access the app from the machine on which tomcat is
> running (using localhost), it seems that sessions
> are
> constantly being re-created. So, every time I
> perform
> a login to my app (which saves an object in the
> session for "proof of login" etc.), the next page I
> hit that requires being logged in sends me right
> back
> to the login page (because the object is not in the
> session). The session now has another ID and
> "isNew".
> As I mentioned, very same app accessed from another
> machine works perfectly.
>
> Here is a quick undown of the environments:
>
> Localhost machine:
> Win XP Home, jdk=1.3.1_02, Tomcat=4.1.8 thru 4.1.10,
> Struts=1.1b1, Internet Explorer=6.0.
>
> Other machine:
> Win95, IE=5.0
>
> I thought perhaps the problem was with IE 6, so I
> downloaded Mozilla 1.1 and tried the app that way
> with
> same result.
>
> Weird huh? Any ideas are greatly appreciated
> (including pointing out obvious errors on my part).
> -JC
>
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Finance - Get real-time stock quotes
> http://finance.yahoo.com
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
__________________________________________________
Yahoo! - We Remember
9-11: A tribute to the more than 3,000 lives lost
http://dir.remember.yahoo.com/tribute
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Sessions problem with TC4 on Win XP Home when browsing from "localhost"
Posted by Vi...@answare.fr.
The session are managed using the cookies.
The cookie uses the Domain Name to see the rights to read or write them.
If in Tomcat you have specified an host with full name
(theServerName.theDomainName), it could be the reason. The cookie is created
with the Domain Name "theDomainName" and the pages are accessed by a URL
without Domain Name.
Hopes it helps you.
-----Message d'origine-----
De : Jeff Corliss [mailto:jeffcorliss@yahoo.com]
Envoye : lundi 9 septembre 2002 22:54
A : Tomcat Users List
Objet : Sessions problem with TC4 on Win XP Home when browsing from
"localhost"
Hi all,
As if the subject line wasn't long enough... here's an
interesting problem I'm hoping someone can help me
with. Basically, I have a Struts-based app which I'm
deploying on TC4 on a Win XP Home machine while
developing. When I access the app via a browser on
another machine on the network, all is fine. When I
access the app from the machine on which tomcat is
running (using localhost), it seems that sessions are
constantly being re-created. So, every time I perform
a login to my app (which saves an object in the
session for "proof of login" etc.), the next page I
hit that requires being logged in sends me right back
to the login page (because the object is not in the
session). The session now has another ID and "isNew".
As I mentioned, very same app accessed from another
machine works perfectly.
Here is a quick undown of the environments:
Localhost machine:
Win XP Home, jdk=1.3.1_02, Tomcat=4.1.8 thru 4.1.10,
Struts=1.1b1, Internet Explorer=6.0.
Other machine:
Win95, IE=5.0
I thought perhaps the problem was with IE 6, so I
downloaded Mozilla 1.1 and tried the app that way with
same result.
Weird huh? Any ideas are greatly appreciated
(including pointing out obvious errors on my part).
-JC
__________________________________________________
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com
--
To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Sessions problem with TC4 on Win XP Home when browsing from "localhost"
Posted by Jeff Corliss <je...@yahoo.com>.
Hi all,
As if the subject line wasn't long enough... here's an
interesting problem I'm hoping someone can help me
with. Basically, I have a Struts-based app which I'm
deploying on TC4 on a Win XP Home machine while
developing. When I access the app via a browser on
another machine on the network, all is fine. When I
access the app from the machine on which tomcat is
running (using localhost), it seems that sessions are
constantly being re-created. So, every time I perform
a login to my app (which saves an object in the
session for "proof of login" etc.), the next page I
hit that requires being logged in sends me right back
to the login page (because the object is not in the
session). The session now has another ID and "isNew".
As I mentioned, very same app accessed from another
machine works perfectly.
Here is a quick undown of the environments:
Localhost machine:
Win XP Home, jdk=1.3.1_02, Tomcat=4.1.8 thru 4.1.10,
Struts=1.1b1, Internet Explorer=6.0.
Other machine:
Win95, IE=5.0
I thought perhaps the problem was with IE 6, so I
downloaded Mozilla 1.1 and tried the app that way with
same result.
Weird huh? Any ideas are greatly appreciated
(including pointing out obvious errors on my part).
-JC
__________________________________________________
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: CLIENT-CERT and JDBCRealm
Posted by "Craig R. McClanahan" <cr...@apache.org>.
On Fri, 23 Aug 2002, Hendryx-Parker, Calvin wrote:
> Date: Fri, 23 Aug 2002 18:15:22 -0700
> From: "Hendryx-Parker, Calvin" <Ca...@Epylon.com>
> Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> To: tomcat-user@jakarta.apache.org
> Subject: CLIENT-CERT and JDBCRealm
>
> I am working on setting up a protected service using tomcat 4.0.2 and
> wanted to use CLIENT-CERT as the auth-method and I have a JDBCRealm that
> works with the BASIC auth-method. Everything is happy when I set
> clientAuth=true until I put a constraint on the resource and require a
> particuliar role.
>
> It looks like the tomcat server gets the cert chain just fine since I see
> it in the catalina_log as it prints the DN for each cert that it tries. I
> have the DN for my cert in the users table and a coresponding entry in the
> roles table, but it never seems to match the user from what I see. Is
> there a special way that the username or roles must be stored for it to
> match?
>
Yes ... the principal name from the first certificate in the chain must be
a username in your Realm for client-cert authentication to work.
> Thanks,
> Calvin
Craig
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>